1 |
commit: 84765235371fae63f3762797eb56b0f64d5941f8 |
2 |
Author: Mart Raudsepp <leio <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Jan 27 09:36:39 2018 +0000 |
4 |
Commit: Mart Raudsepp <leio <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Jan 27 09:38:15 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=84765235 |
7 |
|
8 |
app-text/evince: remove old |
9 |
|
10 |
Package-Manager: Portage-2.3.19, Repoman-2.3.6 |
11 |
|
12 |
app-text/evince/Manifest | 1 - |
13 |
app-text/evince/evince-3.22.1-r1.ebuild | 102 ---------------- |
14 |
.../evince/files/3.22.1-CVE-2017-1000083.patch | 130 --------------------- |
15 |
3 files changed, 233 deletions(-) |
16 |
|
17 |
diff --git a/app-text/evince/Manifest b/app-text/evince/Manifest |
18 |
index 1f3e3ce6f4b..4fda50ef273 100644 |
19 |
--- a/app-text/evince/Manifest |
20 |
+++ b/app-text/evince/Manifest |
21 |
@@ -1,2 +1 @@ |
22 |
-DIST evince-3.22.1.tar.xz 3365004 BLAKE2B 89d909d6ce4bf5c370ca1777993855b70e924108aab4f1f467601165545ae74647ce77c9ba9cb7145e30d1dff00749f41df5fd461be84e51db5f01a293c68294 SHA512 c36a90bf98f25b4f9f05536f1a09c38be30b814529e17a4ab159ba7c1e952402a211f335d4cdf1928ace8a5b46d6d019fbbd457ce11c2ffa264d8bb7c32d5a18 |
23 |
DIST evince-3.24.2.tar.xz 3509216 BLAKE2B 3bcb9e15a6576650d17d6ea1df638c4b16759ddd2353ca47b425c1fec04f90b85ff7f338472e5e18defc01ab066ef241eff40e8f493fa2238814933703636e7b SHA512 77e099ff60188f982a49f5c8287eb2ed8d42402a15a54ccf8367b3814e7e16ba31354363d3f101117153792daa96f653f24bb06193b5e749d0ebfaac7d7c1e0f |
24 |
|
25 |
diff --git a/app-text/evince/evince-3.22.1-r1.ebuild b/app-text/evince/evince-3.22.1-r1.ebuild |
26 |
deleted file mode 100644 |
27 |
index 7ce30ec41a4..00000000000 |
28 |
--- a/app-text/evince/evince-3.22.1-r1.ebuild |
29 |
+++ /dev/null |
30 |
@@ -1,102 +0,0 @@ |
31 |
-# Copyright 1999-2017 Gentoo Foundation |
32 |
-# Distributed under the terms of the GNU General Public License v2 |
33 |
- |
34 |
-EAPI=6 |
35 |
-GNOME2_LA_PUNT="yes" |
36 |
- |
37 |
-inherit gnome2 systemd |
38 |
- |
39 |
-DESCRIPTION="Simple document viewer for GNOME" |
40 |
-HOMEPAGE="https://wiki.gnome.org/Apps/Evince" |
41 |
- |
42 |
-LICENSE="GPL-2+ CC-BY-SA-3.0" |
43 |
-# subslot = evd3.(suffix of libevdocument3)-evv3.(suffix of libevview3) |
44 |
-SLOT="0/evd3.4-evv3.3" |
45 |
-IUSE="djvu dvi gstreamer gnome gnome-keyring +introspection nautilus nsplugin +postscript t1lib tiff xps" |
46 |
-KEYWORDS="~alpha amd64 ~arm ~arm64 ~ia64 ~mips ~ppc ~ppc64 ~sparc x86 ~x86-fbsd ~amd64-linux ~x86-linux ~x64-solaris" |
47 |
- |
48 |
-# atk used in libview |
49 |
-# gdk-pixbuf used all over the place |
50 |
-COMMON_DEPEND=" |
51 |
- dev-libs/atk |
52 |
- >=dev-libs/glib-2.36:2[dbus] |
53 |
- >=dev-libs/libxml2-2.5:2 |
54 |
- sys-libs/zlib:= |
55 |
- x11-libs/gdk-pixbuf:2 |
56 |
- >=x11-libs/gtk+-3.16.0:3[introspection?] |
57 |
- gnome-base/gsettings-desktop-schemas |
58 |
- >=x11-libs/cairo-1.10:= |
59 |
- >=app-text/poppler-0.33[cairo] |
60 |
- djvu? ( >=app-text/djvu-3.5.22:= ) |
61 |
- dvi? ( |
62 |
- virtual/tex-base |
63 |
- dev-libs/kpathsea:= |
64 |
- t1lib? ( >=media-libs/t1lib-5:= ) ) |
65 |
- gstreamer? ( |
66 |
- media-libs/gstreamer:1.0 |
67 |
- media-libs/gst-plugins-base:1.0 |
68 |
- media-libs/gst-plugins-good:1.0 ) |
69 |
- gnome? ( gnome-base/gnome-desktop:3= ) |
70 |
- gnome-keyring? ( >=app-crypt/libsecret-0.5 ) |
71 |
- introspection? ( >=dev-libs/gobject-introspection-1:= ) |
72 |
- nautilus? ( >=gnome-base/nautilus-2.91.4[introspection?] ) |
73 |
- postscript? ( >=app-text/libspectre-0.2:= ) |
74 |
- tiff? ( >=media-libs/tiff-3.6:0= ) |
75 |
- xps? ( >=app-text/libgxps-0.2.1:= ) |
76 |
-" |
77 |
-RDEPEND="${COMMON_DEPEND} |
78 |
- gnome-base/gvfs |
79 |
- gnome-base/librsvg |
80 |
- || ( |
81 |
- >=x11-themes/adwaita-icon-theme-2.17.1 |
82 |
- >=x11-themes/hicolor-icon-theme-0.10 ) |
83 |
-" |
84 |
-DEPEND="${COMMON_DEPEND} |
85 |
- app-text/docbook-xml-dtd:4.3 |
86 |
- app-text/yelp-tools |
87 |
- dev-util/gdbus-codegen |
88 |
- >=dev-util/gtk-doc-am-1.13 |
89 |
- >=dev-util/intltool-0.35 |
90 |
- dev-util/itstool |
91 |
- sys-devel/gettext |
92 |
- virtual/pkgconfig |
93 |
-" |
94 |
-# eautoreconf needs: |
95 |
-# app-text/yelp-tools |
96 |
- |
97 |
-PATCHES=( |
98 |
- "${FILESDIR}"/${PV}-CVE-2017-1000083.patch |
99 |
-) |
100 |
- |
101 |
-src_prepare() { |
102 |
- gnome2_src_prepare |
103 |
- |
104 |
- # Do not depend on adwaita-icon-theme, bug #326855, #391859 |
105 |
- # https://bugs.freedesktop.org/show_bug.cgi?id=29942 |
106 |
- sed -e 's/adwaita-icon-theme >= $ADWAITA_ICON_THEME_REQUIRED//g' \ |
107 |
- -i configure || die "sed failed" |
108 |
-} |
109 |
- |
110 |
-src_configure() { |
111 |
- gnome2_src_configure \ |
112 |
- --disable-static \ |
113 |
- --enable-pdf \ |
114 |
- --enable-comics \ |
115 |
- --enable-thumbnailer \ |
116 |
- --with-platform=gnome \ |
117 |
- --enable-dbus \ |
118 |
- $(use_enable djvu) \ |
119 |
- $(use_enable dvi) \ |
120 |
- $(use_enable gstreamer multimedia) \ |
121 |
- $(use_enable gnome libgnome-desktop) \ |
122 |
- $(use_with gnome-keyring keyring) \ |
123 |
- $(use_enable introspection) \ |
124 |
- $(use_enable nautilus) \ |
125 |
- $(use_enable nsplugin browser-plugin) \ |
126 |
- $(use_enable postscript ps) \ |
127 |
- $(use_enable t1lib) \ |
128 |
- $(use_enable tiff) \ |
129 |
- $(use_enable xps) \ |
130 |
- BROWSER_PLUGIN_DIR="${EPREFIX}"/usr/$(get_libdir)/nsbrowser/plugins \ |
131 |
- --with-systemduserunitdir="$(systemd_get_userunitdir)" |
132 |
-} |
133 |
|
134 |
diff --git a/app-text/evince/files/3.22.1-CVE-2017-1000083.patch b/app-text/evince/files/3.22.1-CVE-2017-1000083.patch |
135 |
deleted file mode 100644 |
136 |
index 9164c618145..00000000000 |
137 |
--- a/app-text/evince/files/3.22.1-CVE-2017-1000083.patch |
138 |
+++ /dev/null |
139 |
@@ -1,130 +0,0 @@ |
140 |
-From: Bastien Nocera |
141 |
-Date: Thu, 6 Jul 2017 20:02:00 +0200 |
142 |
-Subject: comics: Remove support for tar and tar-like commands |
143 |
- |
144 |
-When handling tar files, or using a command with tar-compatible syntax, |
145 |
-to open comic-book archives, both the archive name (the name of the |
146 |
-comics file) and the filename (the name of a page within the archive) |
147 |
-are quoted to not be interpreted by the shell. |
148 |
- |
149 |
-But the filename is completely with the attacker's control and can start |
150 |
-with "--" which leads to tar interpreting it as a command line flag. |
151 |
- |
152 |
-This can be exploited by creating a CBT file (a tar archive with the |
153 |
-.cbt suffix) with an embedded file named something like this: |
154 |
-"--checkpoint-action=exec=bash -c 'touch ~/hacked;'.jpg" |
155 |
- |
156 |
-CBT files are infinitely rare (CBZ is usually used for DRM-free |
157 |
-commercial releases, CBR for those from more dubious provenance), so |
158 |
-removing support is the easiest way to avoid the bug triggering. All |
159 |
-this code was rewritten in the development release for GNOME 3.26 to not |
160 |
-shell out to any command, closing off this particular attack vector. |
161 |
- |
162 |
-This also removes the ability to use libarchive's bsdtar-compatible |
163 |
-binary for CBZ (ZIP), CB7 (7zip), and CBR (RAR) formats. The first two |
164 |
-are already supported by unzip and 7zip respectively. libarchive's RAR |
165 |
-support is limited, so unrar is a requirement anyway. |
166 |
- |
167 |
-Discovered by Felix Wilhelm from the Google Security Team. |
168 |
- |
169 |
-https://bugzilla.gnome.org/show_bug.cgi?id=784630 |
170 |
---- |
171 |
- backend/comics/comics-document.c | 40 +--------------------------------------- |
172 |
- configure.ac | 2 +- |
173 |
- 2 files changed, 2 insertions(+), 40 deletions(-) |
174 |
- |
175 |
-diff --git a/backend/comics/comics-document.c b/backend/comics/comics-document.c |
176 |
-index 96ed26e..3af119a 100644 |
177 |
---- a/backend/comics/comics-document.c |
178 |
-+++ b/backend/comics/comics-document.c |
179 |
-@@ -56,8 +56,7 @@ typedef enum |
180 |
- RARLABS, |
181 |
- GNAUNRAR, |
182 |
- UNZIP, |
183 |
-- P7ZIP, |
184 |
-- TAR |
185 |
-+ P7ZIP |
186 |
- } ComicBookDecompressType; |
187 |
- |
188 |
- typedef struct _ComicsDocumentClass ComicsDocumentClass; |
189 |
-@@ -117,9 +116,6 @@ static const ComicBookDecompressCommand command_usage_def[] = { |
190 |
- |
191 |
- /* 7zip */ |
192 |
- {NULL , "%s l -- %s" , "%s x -y %s -o%s", FALSE, OFFSET_7Z}, |
193 |
-- |
194 |
-- /* tar */ |
195 |
-- {"%s -xOf" , "%s -tf %s" , NULL , FALSE, NO_OFFSET} |
196 |
- }; |
197 |
- |
198 |
- static GSList* get_supported_image_extensions (void); |
199 |
-@@ -364,13 +360,6 @@ comics_check_decompress_command (gchar *mime_type, |
200 |
- comics_document->command_usage = GNAUNRAR; |
201 |
- return TRUE; |
202 |
- } |
203 |
-- comics_document->selected_command = |
204 |
-- g_find_program_in_path ("bsdtar"); |
205 |
-- if (comics_document->selected_command) { |
206 |
-- comics_document->command_usage = TAR; |
207 |
-- return TRUE; |
208 |
-- } |
209 |
-- |
210 |
- } else if (g_content_type_is_a (mime_type, "application/x-cbz") || |
211 |
- g_content_type_is_a (mime_type, "application/zip")) { |
212 |
- /* InfoZIP's unzip program */ |
213 |
-@@ -396,12 +385,6 @@ comics_check_decompress_command (gchar *mime_type, |
214 |
- comics_document->command_usage = P7ZIP; |
215 |
- return TRUE; |
216 |
- } |
217 |
-- comics_document->selected_command = |
218 |
-- g_find_program_in_path ("bsdtar"); |
219 |
-- if (comics_document->selected_command) { |
220 |
-- comics_document->command_usage = TAR; |
221 |
-- return TRUE; |
222 |
-- } |
223 |
- |
224 |
- } else if (g_content_type_is_a (mime_type, "application/x-cb7") || |
225 |
- g_content_type_is_a (mime_type, "application/x-7z-compressed")) { |
226 |
-@@ -425,27 +408,6 @@ comics_check_decompress_command (gchar *mime_type, |
227 |
- comics_document->command_usage = P7ZIP; |
228 |
- return TRUE; |
229 |
- } |
230 |
-- comics_document->selected_command = |
231 |
-- g_find_program_in_path ("bsdtar"); |
232 |
-- if (comics_document->selected_command) { |
233 |
-- comics_document->command_usage = TAR; |
234 |
-- return TRUE; |
235 |
-- } |
236 |
-- } else if (g_content_type_is_a (mime_type, "application/x-cbt") || |
237 |
-- g_content_type_is_a (mime_type, "application/x-tar")) { |
238 |
-- /* tar utility (Tape ARchive) */ |
239 |
-- comics_document->selected_command = |
240 |
-- g_find_program_in_path ("tar"); |
241 |
-- if (comics_document->selected_command) { |
242 |
-- comics_document->command_usage = TAR; |
243 |
-- return TRUE; |
244 |
-- } |
245 |
-- comics_document->selected_command = |
246 |
-- g_find_program_in_path ("bsdtar"); |
247 |
-- if (comics_document->selected_command) { |
248 |
-- comics_document->command_usage = TAR; |
249 |
-- return TRUE; |
250 |
-- } |
251 |
- } else { |
252 |
- g_set_error (error, |
253 |
- EV_DOCUMENT_ERROR, |
254 |
-diff --git a/configure.ac b/configure.ac |
255 |
-index 36e866a..26a1a7d 100644 |
256 |
---- a/configure.ac |
257 |
-+++ b/configure.ac |
258 |
-@@ -795,7 +795,7 @@ AC_SUBST(TIFF_MIME_TYPES) |
259 |
- AC_SUBST(APPDATA_TIFF_MIME_TYPES) |
260 |
- AM_SUBST_NOTMAKE(APPDATA_TIFF_MIME_TYPES) |
261 |
- if test "x$enable_comics" = "xyes"; then |
262 |
-- COMICS_MIME_TYPES="application/x-cbr;application/x-cbz;application/x-cb7;application/x-cbt;application/x-ext-cbr;application/x-ext-cbz;application/vnd.comicbook+zip;application/x-ext-cb7;application/x-ext-cbt" |
263 |
-+ COMICS_MIME_TYPES="application/x-cbr;application/x-cbz;application/x-cb7;application/x-ext-cbr;application/x-ext-cbz;application/vnd.comicbook+zip;application/x-ext-cb7;" |
264 |
- APPDATA_COMICS_MIME_TYPES=$(echo "<mimetype>$COMICS_MIME_TYPES</mimetype>" | sed -e 's/;/<\/mimetype>\n <mimetype>/g') |
265 |
- if test -z "$EVINCE_MIME_TYPES"; then |
266 |
- EVINCE_MIME_TYPES="${COMICS_MIME_TYPES}" |
267 |
--- |
268 |
-cgit v0.12 |
269 |
- |